This proof-of-concept script demonstrates how to exploit CVE-2024-4323, a memory corruption vulnerability in Fluent Bit, enabling remote code execution.
CVE-2024-4323 is a memory corruption vulnerability in Fluent Bit versions 2.0.7 through 3.0.3. The issue resides in the embedded HTTP server's parsing of trace requests, which can lead to denial of service (DoS) conditions, information disclosure, or remote code execution (RCE) (MITRE CVE) (Launchpad).
For more details on the vulnerability and mitigations, you can refer to the CVE-2024-4323 entry on Mitre and Tenable's advisory.
This script is intended for testing and educational purposes only. Unauthorized exploitation of vulnerabilities is illegal and unethical. Always obtain proper authorization before testing any system for vulnerabilities.
Running the script with -h or --help will display the usage menu:
usage: exploit.py [-h] -u URL -p PORT -c CODE
Exploit for CVE-2024-4323
optional arguments:
-h, --help show this help message and exit
-u URL, --url URL Target URL
-p PORT, --port PORT Target port number
-c CODE, --code CODE Remote code to be executed